Facebook provides additional Security to Notification E-mails

Arpan SinhaCyber Security

Facebook announces that it has introduced a new feature which will let the users add OpenPGP encryption keys to their profile so that Facebook can encrypt the emails it sends to them. Facebook has taken various steps in the past to ensure security to a certain level, such as running connections over HTTPS and a Tor onion site, but this one will make sure that the notification emails sent to users by Facebook are properly encrypted.

PGP (Pretty Good Privacy) is an encryption standardization. When a hacker tries to do crypt-analysis, he notices the pattern of the encrypted text. PGP compresses the data making it impossible to study the correct patterns. Compressing the data also reduces the size thus making it easier and faster to transport the data. A session key is generated after this based on your pattern of keyboard and mouse movements. It is a one-time key and unique to all. This session key is used to encrypt the compressed data. After this the session key that was used is encrypted using RSA algorithm. For this encryption the receiver’s public key is used. The encrypted data and key is then sent to the receiver. Click here for an info-graphic on PGP, and here to know how to set it up on your emails.

To update a public key, click here:


It will look like this:Capture


Enter the key in the space provided, and click on save changes. There’s also an option where you can allow Facebook to use this key for emails. Select this option (recommended) and then save changes. After you’ve done it, you’ll be redirected to your about page, which will appear like this:


image source: Facebook